Procedures typically performed by the Administrator are indicated below with references to their pertinent chapters.
Following are the procedures typically performed to prepare RCS for use by others:
Step | Action |
---|---|
1 |
In the Accounting section, Users set the people who will have access to RCS. |
2 |
In the Accounting section, Groups create the user group (usually composed of system administrators and not linked to any operation) that will receive the system alarm e-mail notifications |
3 |
In the Monitor section, select the group that will receive the system alarm e-mail notifications. |
Procedures typically performed to open an investigation are indicated below:
Step | Action |
---|---|
1 |
In the Accounting section, Users set the people who will belong to the investigation team and their roles. |
2 |
In the Accounting section, Groups set the team enabled to view investigation data and receive system alarms. |
3 |
In the Operations section, open the investigation and link one or more groups. |
4 | Inform the RCS Technician of the types of evidence to be collected. |
5 |
In the Audit section, monitor system access by the team and check their actions. |
The typical procedure performed to close an investigation is indicated below:
Step | Action |
---|---|
1 |
In the Operations section, close the investigation. See "Operation management" |
2 |
If necessary, ask the System administrator to save evidence in a Backup file. |
The typical procedures performed to monitor RCS use are indicated below:
Step | Action |
---|---|
1 |
In the Monitor section, monitor system messages and licenses used. |
2 |
In the Audit section, monitor actions performed by Technicians, Analysts and other Administrators. |
RCS8.2 | User's and Installation Guide | © COPYRIGHT 2012